public class SecurityOperationsImpl extends Object implements SecurityOperations
Constructor and Description |
---|
SecurityOperationsImpl(ClientContext context) |
Modifier and Type | Method and Description |
---|---|
boolean |
authenticateUser(String principal,
AuthenticationToken token)
Verify a username/password combination is valid
|
boolean |
authenticateUser(String user,
byte[] password)
Deprecated.
|
void |
changeLocalUserPassword(String principal,
PasswordToken token)
Set the user's password
|
void |
changeUserAuthorizations(String principal,
Authorizations authorizations)
Set the user's record-level authorizations
|
void |
changeUserPassword(String user,
byte[] password)
Deprecated.
|
void |
createLocalUser(String principal,
PasswordToken password)
Create a user
|
void |
createUser(String user,
byte[] password,
Authorizations authorizations)
Deprecated.
|
void |
dropLocalUser(String principal)
Delete a user
|
void |
dropUser(String user)
Deprecated.
|
DelegationToken |
getDelegationToken(DelegationTokenConfig cfg)
Obtain a
DelegationToken for use when Kerberos credentials cannot be used (e.g. |
Authorizations |
getUserAuthorizations(String principal)
Retrieves the user's authorizations for scanning
|
void |
grantNamespacePermission(String principal,
String namespace,
NamespacePermission permission)
Grant a user a specific permission for a specific namespace
|
void |
grantSystemPermission(String principal,
SystemPermission permission)
Grant a user a system permission
|
void |
grantTablePermission(String principal,
String table,
TablePermission permission)
Grant a user a specific permission for a specific table
|
boolean |
hasNamespacePermission(String principal,
String namespace,
NamespacePermission permission)
Verify the user has a particular namespace permission
|
boolean |
hasSystemPermission(String principal,
SystemPermission perm)
Verify the user has a particular system permission
|
boolean |
hasTablePermission(String principal,
String table,
TablePermission perm)
Verify the user has a particular table permission
|
Set<String> |
listLocalUsers()
Return a list of users in accumulo
|
Set<String> |
listUsers()
Deprecated.
|
void |
revokeNamespacePermission(String principal,
String namespace,
NamespacePermission permission)
Revoke a namespace permission for a specific user on a specific namespace
|
void |
revokeSystemPermission(String principal,
SystemPermission permission)
Revoke a system permission from a user
|
void |
revokeTablePermission(String principal,
String table,
TablePermission permission)
Revoke a table permission for a specific user on a specific table
|
public SecurityOperationsImpl(ClientContext context)
@Deprecated public void createUser(String user, byte[] password, Authorizations authorizations) throws AccumuloException, AccumuloSecurityException
SecurityOperations
createUser
in interface SecurityOperations
user
- the name of the user to createpassword
- the plaintext password for the userauthorizations
- the authorizations that the user has for scanningAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to create a userpublic void createLocalUser(String principal, PasswordToken password) throws AccumuloException, AccumuloSecurityException
SecurityOperations
createLocalUser
in interface SecurityOperations
principal
- the name of the user to createpassword
- the plaintext password for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to create a user@Deprecated public void dropUser(String user) throws AccumuloException, AccumuloSecurityException
SecurityOperations
dropUser
in interface SecurityOperations
user
- the user name to deleteAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to delete a userpublic void dropLocalUser(String principal) throws AccumuloException, AccumuloSecurityException
SecurityOperations
dropLocalUser
in interface SecurityOperations
principal
- the user name to deleteAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to delete a user@Deprecated public boolean authenticateUser(String user, byte[] password) throws AccumuloException, AccumuloSecurityException
SecurityOperations
authenticateUser
in interface SecurityOperations
user
- the name of the user to authenticatepassword
- the plaintext password for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to askpublic boolean authenticateUser(String principal, AuthenticationToken token) throws AccumuloException, AccumuloSecurityException
SecurityOperations
authenticateUser
in interface SecurityOperations
principal
- the name of the user to authenticatetoken
- the SecurityToken for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to ask@Deprecated public void changeUserPassword(String user, byte[] password) throws AccumuloException, AccumuloSecurityException
SecurityOperations
changeUserPassword
in interface SecurityOperations
user
- the name of the user to modifypassword
- the plaintext password for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to modify a userpublic void changeLocalUserPassword(String principal, PasswordToken token) throws AccumuloException, AccumuloSecurityException
SecurityOperations
changeLocalUserPassword
in interface SecurityOperations
principal
- the name of the user to modifytoken
- the plaintext password for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to modify a userpublic void changeUserAuthorizations(String principal, Authorizations authorizations) throws AccumuloException, AccumuloSecurityException
SecurityOperations
changeUserAuthorizations
in interface SecurityOperations
principal
- the name of the user to modifyauthorizations
- the authorizations that the user has for scanningAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to modify a userpublic Authorizations getUserAuthorizations(String principal) throws AccumuloException, AccumuloSecurityException
SecurityOperations
getUserAuthorizations
in interface SecurityOperations
principal
- the name of the user to queryAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to query a userpublic boolean hasSystemPermission(String principal, SystemPermission perm) throws AccumuloException, AccumuloSecurityException
SecurityOperations
hasSystemPermission
in interface SecurityOperations
principal
- the name of the user to queryperm
- the system permission to check forAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to query a userpublic boolean hasTablePermission(String principal, String table, TablePermission perm) throws AccumuloException, AccumuloSecurityException
SecurityOperations
hasTablePermission
in interface SecurityOperations
principal
- the name of the user to querytable
- the name of the table to query aboutperm
- the table permission to check forAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to query a userpublic boolean hasNamespacePermission(String principal, String namespace, NamespacePermission permission) throws AccumuloException, AccumuloSecurityException
SecurityOperations
hasNamespacePermission
in interface SecurityOperations
principal
- the name of the user to querynamespace
- the name of the namespace to query aboutpermission
- the namespace permission to check forAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to query a userpublic void grantSystemPermission(String principal, SystemPermission permission) throws AccumuloException, AccumuloSecurityException
SecurityOperations
grantSystemPermission
in interface SecurityOperations
principal
- the name of the user to modifypermission
- the system permission to grant to the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to grant a user permissionspublic void grantTablePermission(String principal, String table, TablePermission permission) throws AccumuloException, AccumuloSecurityException
SecurityOperations
grantTablePermission
in interface SecurityOperations
principal
- the name of the user to modifytable
- the name of the table to modify for the userpermission
- the table permission to grant to the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to grant a user permissionspublic void grantNamespacePermission(String principal, String namespace, NamespacePermission permission) throws AccumuloException, AccumuloSecurityException
SecurityOperations
grantNamespacePermission
in interface SecurityOperations
principal
- the name of the user to modifynamespace
- the name of the namespace to modify for the userpermission
- the namespace permission to grant to the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to grant a user permissionspublic void revokeSystemPermission(String principal, SystemPermission permission) throws AccumuloException, AccumuloSecurityException
SecurityOperations
revokeSystemPermission
in interface SecurityOperations
principal
- the name of the user to modifypermission
- the system permission to revoke for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to revoke a user's permissionspublic void revokeTablePermission(String principal, String table, TablePermission permission) throws AccumuloException, AccumuloSecurityException
SecurityOperations
revokeTablePermission
in interface SecurityOperations
principal
- the name of the user to modifytable
- the name of the table to modify for the userpermission
- the table permission to revoke for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to revoke a user's permissionspublic void revokeNamespacePermission(String principal, String namespace, NamespacePermission permission) throws AccumuloException, AccumuloSecurityException
SecurityOperations
revokeNamespacePermission
in interface SecurityOperations
principal
- the name of the user to modifynamespace
- the name of the namespace to modify for the userpermission
- the namespace permission to revoke for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to revoke a user's permissions@Deprecated public Set<String> listUsers() throws AccumuloException, AccumuloSecurityException
SecurityOperations
listUsers
in interface SecurityOperations
AccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to query userspublic Set<String> listLocalUsers() throws AccumuloException, AccumuloSecurityException
SecurityOperations
listLocalUsers
in interface SecurityOperations
AccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to query userspublic DelegationToken getDelegationToken(DelegationTokenConfig cfg) throws AccumuloException, AccumuloSecurityException
SecurityOperations
DelegationToken
for use when Kerberos credentials cannot be used (e.g. YARN
Jobs)getDelegationToken
in interface SecurityOperations
AccumuloException
AccumuloSecurityException
Copyright © 2011–2018 The Apache Software Foundation. All rights reserved.